
Dangerous control of my Jeep over the internet

Do you want to be able to defeat your Jeep's ability to communicate over the internet?


  • Total voters
    60

SwampNut

Well-Known Member
First Name
Carlos
Joined
Apr 20, 2020
Threads
21
Messages
1,588
Reaction score
1,567
Location
Peoria AZ
Vehicle(s)
2020 Gladiator Launch Edition
Occupation
Geek
My computer has been hacked (as in I'm running Solarwinds) and the malware has access to my internet communications before they are encrypted and after they are de-encrypted. The malware would have access to my website credentials before they are encrypted.
I am absolutely not an expert on that software or that scenario. I yelled the question at one of my devs and he said "probably not, but I'd have to look at the browser code." One specific thing I can comment on is "internet communications before they are encrypted" doesn't really make sense. It could just be a wording thing. The data is encrypted before it becomes "internet communications." Something would have to be IN the browser, as the data leaves already encrypted. The client in this encrypted session is the browser or app, not "the computer" itself. Does that help make any sense of it?

If someone installed a keylogger, then they'd see typed-in credentials, but not a remembered login. But in the case that someone has targeted you that deeply, having your Jeep remote started or unlocked is the least of your worries.

unsocbl

Well-Known Member
First Name
James
Joined
Aug 8, 2020
Threads
13
Messages
383
Reaction score
731
Location
Charlotte TN
Vehicle(s)
2021 Gladiator Willys Eco-diesel
Credentials for reference:
CISSP
CISM
CCSP
CEH

So, if you're that paranoid, stay off the Internet. Remove the factory radio/Uconnect module.

I really can't think of a single reason to try and hack someone's car. I suppose, a hacker may attempt it just for fun or 1 of the reasons below:
Random selection-So, take the number of cars that can be accessed via the Internet to get the odds of it being yours (I think winning the lottery has better odds).
Targeted attack- don't give someone a reason to make you a target. Although there are 1000 easier ways to target you than trying to hack your vehicle via the internet.

Relax. drive, enjoy!
 

Mr._Bill

Well-Known Member
First Name
Bill
Joined
Jul 22, 2019
Threads
30
Messages
5,246
Reaction score
5,523
Location
North Las Vegas, NV
Vehicle(s)
2020 Jeep Gladiator Overland - 2013 Nissan Leaf SV
Vehicle Showcase
1
Sounds like something that could be mitigated to some extent with 2 factor authentication. If I log into the mopar website and try to send the vehicle a command, I could get a prompt to enter a PIN delivered by SMS or email.
This is already implemented in the Uconnect app. To use the app, you have to login to your Mopar account. There are four commands to choose from. To have any of them sent to the truck requires you to enter your PIN. Once that is done, the Mopar server sends your request to SiriusXM, which contacts the truck using the AT&T cellular network. The truck responds back with an accept or reject, and success or failure. The results are sent back to Mopar, who then notifies you.

If your Mopar account becomes compromised, all that can be done is send those pre-determined commands to the truck. There is no direct access to the truck, or the ability to control any of the systems.

Consumers do have a choice, and Jeep is catering to them. Like me, they want these features and are buying trucks so equipped. Those that don't want the remote functions, have the choice to buy a model that does not have the communication abilities.
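
The flow described in the post above (login, one of a fixed set of commands, PIN, then relay toward the vehicle), as an added example that is not part of the original post and is not Mopar's or SiriusXM's code. The command names, the lockout threshold and the `relay` callback are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Hypothetical names: the post says there are four commands but does not list them.
ALLOWED_COMMANDS = frozenset({"lock", "unlock", "remote_start", "horn_lights"})
MAX_PIN_FAILURES = 3  # assumed lockout threshold


class CommandBroker:
    """Gate between a logged-in account and the relay toward the vehicle."""

    def __init__(self, relay):
        self._relay = relay    # assumed callable(vin, command) -> "success"/"failure"
        self._pins = {}        # account -> (salt, PBKDF2 hash of the PIN)
        self._failures = {}    # account -> consecutive wrong PINs

    @staticmethod
    def _derive(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, account, pin):
        salt = os.urandom(16)
        self._pins[account] = (salt, self._derive(pin, salt))

    def request(self, account, vin, command, pin):
        # Anything outside the fixed command set is dropped before it is relayed.
        if command not in ALLOWED_COMMANDS:
            return "rejected: unknown command"
        if account not in self._pins:
            return "rejected: unknown account"
        # A stolen session still has to guess the PIN, and guesses are limited.
        if self._failures.get(account, 0) >= MAX_PIN_FAILURES:
            return "rejected: locked out"
        salt, stored = self._pins[account]
        if not hmac.compare_digest(self._derive(pin, salt), stored):  # constant time
            self._failures[account] = self._failures.get(account, 0) + 1
            return "rejected: bad PIN"
        self._failures[account] = 0
        return "relayed: " + self._relay(vin, command)


if __name__ == "__main__":
    broker = CommandBroker(lambda vin, command: "success")  # constructed stand-in relay
    broker.enroll("owner@example.com", "4821")              # constructed account and PIN
    print(broker.request("owner@example.com", "VIN-PLACEHOLDER", "lock", "4821"))
    print(broker.request("owner@example.com", "VIN-PLACEHOLDER", "ecu_write", "4821"))
```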
 

LostWoods

Well-Known Member
Joined
Mar 13, 2020
Threads
15
Messages
1,929
Reaction score
2,194
Location
Gilbert, AZ
Vehicle(s)
2024 4Runner / 1995 YJ
A title I've actually held, so thank you for acknowledging.
Touché, but you know what I was getting at. Jeep considered the system secure before it was hacked the first time around. Hell, even after the security gateway was installed, the same people still managed to bypass it with the only new requirement being physical access to the connector. There's no telling what someone might come up with and nobody knows how secure a system is until it isn't... you typically make a best effort in industry but it's clear that's not always the case in automotive where delivering features and making money take the front seat to a pure cost like security.

Credentials for reference:
CISSP
CISM
CCSP
CEH

So, if you're that paranoid, stay off the Internet. Remove the factory radio/Uconnect module.

I really can't think of a single reason to try and hack someone's car. I suppose, a hacker may attempt it just for fun or 1 of the reasons below:
Random selection-So, take the number of cars that can be accessed via the Internet to get the odds of it being yours (I think winning the lottery has better odds).
Targeted attack- don't give someone a reason to make you a target. Although there are 1000 easier ways to target you than trying to hack your vehicle via the internet.

Relax. drive, enjoy!
Same field here and I don't think most people are being paranoid, only frustrated. There's nothing wrong with wanting to minimize exposure by removing features that a consumer feels add zero value and there is no reason my truck needs to talk to anyone but me.
 

SwampNut

Jeep considered the system secure before it was hacked the first time around.
A totally unrelated, local hack. If someone gets into my server rooms, I don't expect much I've done could stop them.

Out of all the things to worry about in daily life, this seems like some of the lowest priority. But I always learn something about FUD in conversations like this, and it helps me get what I see every day.
 


LostWoods

A totally unrelated, local hack. If someone gets into my server rooms, I don't expect much I've done could stop them.

Out of all the things to worry about in daily life, this seems like some of the lowest priority. But I always learn something about FUD in conversations like this, and it helps me get what I see every day.
Our server rooms are just slightly more secure than a vehicle that commonly has a fabric top and is regularly found without doors. Even with all that extra security, I don't typically skip flicking a vulnerable setting to "off" just because it's unlikely to be exploited.

The problem with any hack is you don't know the severity until it's discovered. Right now it's known that it can be done with physical access and they might be great with patching but who knows what will come to light in the future. At some point FCA will EOL the platform and unless they brick the communications on the vehicle side, that's a vulnerability akin to running a 5 year old version of Android that has been poked full of holes.

That's what's really fun with all this... these are somewhere between an embedded system and a mobile device and it's not that it isn't secure now, it's how this will age and what will come to light in 5-10 years when it's not being updated anymore and these vehicles are still on the road. FCA failing to include an "off" setting is nothing more than laziness and greed because they want your data.
 

Mr._Bill

Our server rooms are just slightly more secure than a vehicle that commonly has a fabric top and is regularly found without doors. Even with all that extra security, I don't typically skip flicking a vulnerable setting to "off" just because it's unlikely to be exploited.

The problem with any hack is you don't know the severity until it's discovered. Right now it's known that it can be done with physical access and they might be great with patching but who knows what will come to light in the future. At some point FCA will EOL the platform and unless they brick the communications on the vehicle side, that's a vulnerability akin to running a 5 year old version of Android that has been poked full of holes.

That's what's really fun with all this... these are somewhere between an embedded system and a mobile device and it's not that it isn't secure now, it's how this will age and what will come to light in 5-10 years when it's not being updated anymore and these vehicles are still on the road. FCA failing to include an "off" setting is nothing more than laziness and greed because they want your data.
This is not likely to be an issue, since the ability to communicate is only over the cellular network. The support for the Uconnect modem will likely be dropped by then, removing the ability to communicate.

My Nissan Leaf uses the same SiriusXM/AT&T setup for remote functions. The original modem had to be replaced, at a cost to me of $200 in 2017, when AT&T dropped support for it from the cellular network. The replacement modem is scheduled to lose support within a year.
 

SwampNut

I had to replace the old modem in my JK because it was 3G, and of course, that's gone. Viper gave me a deal on an LTE modem and I swapped it. Otherwise, it would simply have gone dark. And if you drop the service, they can just drop the IMEI from the network. The idea of a cellular zombie sitting out there just waiting to be attacked is silly.
 

LostWoods

This is not likely to be an issue, since the ability to communicate is only over the cellular network. The support for the Uconnect modem will likely be dropped by then, removing the ability to communicate.

My Nissan Leaf uses the same SiriusXM/AT&T setup for remote functions. The original modem had to be replaced, at a cost to me of $200 in 2017, when AT&T dropped support for it from the cellular network. The replacement modem is scheduled to lose support within a year.
The one vector is the onboard wifi which may or may not disable if there's no LTE... it can be toggled and clearly the wifi can't access the internet without cellular, but who knows how it will operate in a retired state. Though I'm not sure LTE is going away even in 10 years.

But either way, I think people are missing my point here... I'm not arguing it's a common vulnerability, quite the opposite. It's a very low risk (and even future vulnerabilities will likely be low risk), but the fact it has a potentially critical impact that threatens life means to me that you should be able to fully disable the system beyond just the onboard hotspot setting. It's a trivial thing to code.
 

Mr._Bill

The one vector is the onboard wifi which may or may not disable if there's no LTE... it can be toggled and clearly the wifi can't access the internet without cellular, but who knows how it will operate in a retired state. Though I'm not sure LTE is going away even in 10 years.

But either way, I think people are missing my point here... I'm not arguing it's a common vulnerability, quite the opposite. It's a very low risk (and even future vulnerabilities will likely be low risk), but the fact it has a potentially critical impact that threatens life means to me that you should be able to fully disable the system beyond just the onboard hotspot setting. It's a trivial thing to code.
The problem is you are spewing misinformation like the OP. The Uconnect system does not allow outside access to the Jeep computer systems. There are no life safety or dangerous control issues. There are some pre-programmed functions that can be requested, but no direct access that can be exploited. All recorded hacking events, so far, have required prior physical access to the truck to carry out. The updates to the current security were a result of showing what was possible.

The onboard WiFi is a cellular hotspot, which does not have access to the internal systems. As long as the Uconnect modem has access to the cellular network, and you are willing to pay additional for the service, it can provide WiFi for you to use. Many already have this as a feature on their phones and are not willing to pay for it.
 


ShadowsPapa

Well-Known Member
First Name
Bill
Joined
Oct 12, 2019
Threads
180
Messages
29,414
Reaction score
34,986
Location
Runnells, Iowa
Vehicle(s)
'22 JTO, '23 JLU, '82 SX4, '73 P. Cardin Javelin
Occupation
Retired auto mechanic, frmr gov't ntwrk security admin
Vehicle Showcase
3
My computer has been hacked (as in I'm running Solarwinds) and the malware has access to my internet communications before they are encrypted and after they are de-encrypted. The malware would have access to my website credentials before they are encrypted.
That's not technically a hack.
You downloaded compromised software from SolarWinds.
Apparently you weren't running a check on that file to verify the fingerprint of the original file (the file's hash, MD5, SHA-1, and SHA-256, etc.). Maybe you allowed automatic updates.

Unreal that government sites don't verify things better. More unreal that SolarWinds wasn't careful - but then I did some tracking of their history...
 

rvillano8188

Well-Known Member
First Name
Rob
Joined
May 20, 2019
Threads
38
Messages
799
Reaction score
761
Location
Long Island, NY
Vehicle(s)
2020 Punk'n JT Rubi, 2018 VW Tiguan SEL
Occupation
Financial Services
I skipped like 10 pages, but am I the only one who would slow clap if my truck just up and drove itself away?

I mean if someone does that, give them a job.
 

ShadowsPapa

Most of us are concerned and somehow that's an issue for you.
HAHAHAHAHAHAHAHAHAHAHAHA.
Only uninformed are concerned.
TRUE experts are not.
Chicken Little is and that's not "most of us".
Where the bloody hell do you get "most of us"?
Seriously?

I've protected multi-billion dollar multi-national companies and a government agency and you are the expert?
 

ShadowsPapa

Credentials for reference:
CISSP
CISM
CCSP
CEH

So, if you're that paranoid, stay off the Internet. Remove the factory radio/Uconnect module.

I really can't think of a single reason to try and hack someone's car. I suppose, a hacker may attempt it just for fun or 1 of the reasons below:
Random selection-So, take the number of cars that can be accessed via the Internet to get the odds of it being yours (I think winning the lottery has better odds).
Targeted attack- don't give someone a reason to make you a target. Although there are 1000 easier ways to target you than trying to hack your vehicle via the internet.

Relax. drive, enjoy!
Wow, now I am truly impressed (and I am NOT mocking but am genuinely impressed with those security credentials). I never got THAT far (officially - just taught some classes at Symantec in Eugene, OR years ago) so I understand the work that goes into those letters.
I especially like the white hat hacker bit. I always told people who asked how I did it - you have to think like the bad guy, get into their head, their motivation, think like them, to know how to protect against them.
Cool